To raise information security awareness at City University of Hong Kong (CityU), a series of information security related seminars and events were organised to cover a number of topics about information security. Some videos and presentation materials are published for sharing to CityU community.
The Central IT launched the Information Security Awareness Programme to raise the awareness of information protection among members of the CityU community. The programme aims to raise the awareness of the CityU community on protecting their information from unauthorized access, use, disclosure, disruption, modification or destruction.
In the programme, Information Security Awareness Seminars are held regularly. These seminars focused on information security issues such as information security best practices, challenges of implementing IS management, protecting personal data and security incident management.
The 1st seminar was jointly organized by the CityU, the PolyU and the HKU in April 2009. Below are the presentation notes and video recordings of the speakers for CityU community’s reference.
| Presentation Notes | Video Capture | ||
|---|---|---|---|
| 1. | Information Security Awareness – by Mr. Myron Cheng |  |
 |
| 2. | Security Enabled Organization – by Mr. Michael Yung | |
|
| 3. | Cyber Attack Trends and Our Defense – by Mr. Roy Ko | |
|
| 4. | Personal Data Privacy – by Mr. Bernard Chang | |
--- |
| 5. | Data Loss Prevention – by Mr. Leslie Sin | |
|
| 6. | Electronic Fraud and Security Measures – Mr. Norman Pan | |
|
Below are the presentation notes and video recordings of a series of similar seminars in March 2010.
| Presentation Slides | Video Capture | |
|---|---|---|
| Information Security Awareness – by Mr. David Shek, Manager from KPMG's Performance and Technology practice |
||
| Session One – Information Security and Challenges | |
|
| Session Two – Information Security in Universities | |
|
| Session Three – Privacy and Personal Data | |
|
| Session Four – Information Security Incident Management | |
|
It is of utmost importance that the CityU community understand their responsibility, as a university member and as an individual, to protect university information from unauthorized access, use, disclosure, disruption, modification or destruction.
Below materials and video recordings from November 2010 covers how data, especially personal data, should be protected.
| Presentation Slides | Promotional Materials | Video Capture | ||
|---|---|---|---|---|
| Data Handling in University – by Mr. David Shek, Senior Manager from KPMG's Performance and Technology practice | --- | English |
Chinese |
|
| Session One – Human Factor in Information Security | |
--- | |
|
| Session Two – Case Study - Information Security in University | |
--- | |
|
| Session Three – Information Classification and Handling | |
--- | |
|
| Session Four – Business Impact Analysis ("BIA") | |
--- | |
|
Information security protection covers people, processes, and technologies. Effective protection requires senior management sponsor and organisation support. In March 2011, guest speakers were invited to share how information security management system (ISMS) framework could enhance information security, business continuity, and IT process and control.
| Presentation Slides | Video Capture | |
|---|---|---|
| Information Security - Perspective for Management – by Mr. Raymond Au, Manager of KPMG's Performance and Technology practices | ||
| Session One – Information Security Management Program – Concept and Implementation | |
|
| Session Two – Information Management | |
|
| Session Three – Business Impact Analysis ("BIA") and Business Continuity Management | |
|
| Session Four – Evaluation of IS Control and Self Assessment | |
|
Email is in no doubt the most commonly used communication channel nowadays. The increased usage and comes with increased threats from outsiders with bad intent. To enhance CityU members' awareness of email security and the consequence of phishing emails, the Central IT organises training sessions and mock-phishing exercises regularly to educate staff for how to identify phishing emails and not to respond to malicious emails.
Listed below are the video recordings from March 2020 organised by the Information Security Unit.
| Video Capture | |
|---|---|
| Learn How to Avoid Being "Phished" Online | |
| Information Security Training on Phishing Emails | |
| - English Version | |
| - Mandarin Version | |
| - Cantonese Version | |
Online Training Materials
The University has subscribed to LinkedIn Learning for expert-led high-quality instructional videos on topics ranging from computing, animation, accounting, architecture, business, engineering, etc. There are numerous information security related resources for either beginners or students who want to pursue career development in the field of information security.